True Control Center - Unable to open the "Remote Manage" pane

I'm excited to say that I had the pleasure of getting to install version 3.0 of the True Control Center (formerly the ConfigMan Portal). In my environment, we initially deployed a single instance of version 1.0 of the CMP, which was upgraded to 2.XX. This portal instance was pointed at a single primary site in our CAS hierarchy and did not use SCCM RBAC - while it was nice, it didn't provide the capabilities that our support teams needed.

With the release of True Control Center we've decided to re-do our Configuration Manager web portal solution. What this means is that we've decided to install the portal on a dedicated system that all of the domain in our environment can reach and install the portal while pointing it at the CAS and leveraging the SCCM RBAC security model.

The automated installer went great and we had no issues during the setup; this was a fantastic experience as I've always had something go wrong with the 2.X installers. I'm able to log in and I see the event logs populating with messages about SCCM RBAC, so everything is looking wonderful so far... or so I thought. When I went to try and utilize the new "Remote Manage" option on a system, nothing happens. The pane doesn't slide out and I have no access to any of the new tools. When I look at user objects, I see the "Unlock Account" and "Reset Password" options and can click them to get their relevant dialogs to appear. I have tried a variety of browsers, logins, and other workstations and have not had any success getting the new True Control Center features to appear for workstations.

Have you fine community members braved the waters and installed the True Control Center? And If you have, did you have to do anything to get the "Remote Manage" pane to appear? In the near future, I'd like to demonstrate the ability to do this from the Analyst Portal as well, but that's another bridge to cross later

Comments

I'm excited to say that I had the pleasure of getting to install version 3.0 of the True Control Center (formerly the ConfigMan Portal). In my environment, we initially deployed a single instance of version 1.0 of the CMP, which was upgraded to 2.XX. This portal instance was pointed at a single primary site in our CAS hierarchy and did not use SCCM RBAC - while it was nice, it didn't provide the capabilities that our support teams needed.

With the release of True Control Center we've decided to re-do our Configuration Manager web portal solution. What this means is that we've decided to install the portal on a dedicated system that all of the domain in our environment can reach and install the portal while pointing it at the CAS and leveraging the SCCM RBAC security model.

The automated installer went great and we had no issues during the setup; this was a fantastic experience as I've always had something go wrong with the 2.X installers. I'm able to log in and I see the event logs populating with messages about SCCM RBAC, so everything is looking wonderful so far... or so I thought. When I went to try and utilize the new "Remote Manage" option on a system, nothing happens. The pane doesn't slide out and I have no access to any of the new tools. When I look at user objects, I see the "Unlock Account" and "Reset Password" options and can click them to get their relevant dialogs to appear. I have tried a variety of browsers, logins, and other workstations and have not had any success getting the new True Control Center features to appear for workstations.

Have you fine community members braved the waters and installed the True Control Center? And If you have, did you have to do anything to get the "Remote Manage" pane to appear? In the near future, I'd like to demonstrate the ability to do this from the Analyst Portal as well, but that's another bridge to cross later

Hey Bryan, it sounds like there may be a permissions issue with the account being used to use the Remote Manage tool set. You mention that you can see the Unlock Account and Reset Password options, do those features work? If you try to reset a password, does it go through and make the password change?

@matt_medley Yes, we tested those options just yesterday afternoon and to my delight, they worked without a hitch!

@james_atance I pulled up the IE and Edge Dev Tools and while I don't see any errors in the Console tab, I do see some 404 Not Found errors in the Network tab. I can confirm that each time I click on "Remote Manage" a new error appears. It appears to be doing a get request to /platform/api/ however if I try to complete the request or navigate to that page in a browser I get the same 404 response.

Hey Bryan,The remote manage slide out is based on the Cireson Platform (additional component to the portal) so this has to be working and caching/populating data for the slide out to work. Can you check if the CMPPlatformService is installed and running please. If it is, please check if you get data back when you navigate to http://<portal address>/platform/api/CmDevice- you should see all your cached device details in this list.

The log for the platform is in C:\ProgramData\Cireson.Platform.Host so please have a look at this too (feel free to upload here)

When I first installed the TCC portal, I had a similar issue but a simple reload of the website (Ctrl+F5) sorted it for me.

@James_Atance - I have uploaded the requested HAR file to IR71982. Please let me know if you need more info.

@Davis_Mathai - I do see the CMPPlatformService and the CMP Hosting Service installed and running on the server that is hosting TCC. Looking at the logs in the Cireson.Platform.Host I see a very large number of errors complaining about foreign keys (I've attached one of the two logs in this directory - the second is too large). The second log file ends with the following:

Critical 2018-01-25T08:14:25.3204427-09:00: Failed to listen on prefix 'http://*:80/Platform/' because it conflicts with an existing registration on the machine.Critical 2018-01-25T08:14:25.3360717-09:00: Core cannot continue, press 'Enter' to stop.

@Billy_Wilson - This happens with the Service Account and other accounts within the TCC.

@James_Atance - I have uploaded the requested HAR file to IR71982. Please let me know if you need more info.

@Davis_Mathai - I do see the CMPPlatformService and the CMP Hosting Service installed and running on the server that is hosting TCC. Looking at the logs in the Cireson.Platform.Host I see a very large number of errors complaining about foreign keys (I've attached one of the two logs in this directory - the second is too large). The second log file ends with the following:

Critical 2018-01-25T08:14:25.3204427-09:00: Failed to listen on prefix 'http://*:80/Platform/' because it conflicts with an existing registration on the machine.Critical 2018-01-25T08:14:25.3360717-09:00: Core cannot continue, press 'Enter' to stop.

@Billy_Wilson - This happens with the Service Account and other accounts within the TCC.

Most likely the issue you are seeing is what you identified in the logs indicating that the platform is no longer listening and has stopped. The flyout won't ever come out if there is no response from the platform service endpoint.

You can check the endpoints by going to <hostname>/platform/api/Me and this should show you a list of your users current access and roles. If this works then the platform is up and running. If you get a 404 then it's not and it's most likely related to something else on that box conflicting with the platform on port 80.

The /platform/api/Me does indeed return a 404. This is a brand new VM that was stood up solely to run the portal. No other applications or software were installed and I let the TCC installer handle all of the heavy lifting.

IIS does not show any websites other than TCC. Perhaps I'll try to perform an uninstall/reinstall of the TCC.

EDIT: Performed an uninstall/reinstall of TCC on the system. I'm now receiving HTTP 400 Bad Request and HTTP 401 Unauthorized Access responses and am being prompted for credentials when trying to click "Remote Manage". Using the Service Account that was used to setup TCC (and has full admin rights in the SCCM CAS Hierarchy and sa rights on the DB) returns a 401, as well as any other accounts I use.

So, I think the issue is stemming from the fact that it's trying to use the Windows identity for the Remote Manage actions.

I am VPN'd in on my home computer this evening (which obviously isn't on the domain), and attempted to log into the TCC from there. It prompted for my credentials since it couldn't pass my local account through, and I'm able to use the Remote Manage pane from there.

I RDP'd into my work computer, cleared the IE cache and opened up an InPrivate tab (to ensure that any and all caching was not causing the problem), tried to open Remote Manage and... nothing. If I open IE as a different user, the same error occurs; the TCC opens up a security dialog prompting me for credentials and returns an HTTP 401 Unauthorized response.

We don't provide our technicians access into SCCM with their standard accounts, instead opting only to give them access to their admin accounts. The technicians don't log into workstations with their admin accounts, so I'm curious if it is possible for us to switch TCC to use Forms Authentication and let the authentication flow through that way; do you have any steps I can use to switch to Forms Authentication? I tried to play with the configuration on my own, but I couldn't get it to go to a login page (and I actually couldn't find anything that resembled a login.aspx anywhere...)

That said while looking at the Remote Manage tools on my own desktop, it looks like most information is "unavailable" or it claims that "No data has been pulled from X. Pull Now"; clicking on Pull Now of course spins for a bit, but nothing is returned after Remote Manage completes the pull. Inconsistent results, but it does seem to be working fine on a non-domain joined workstation. Most of the actions are available and a machine policy retrieval went smooth. I have not yet enabled the SCCM RBAC since the reinstall as I want to reduce complexity.

Currently, there is no such thing as a login / forms auth for the TCC. If you run the browser as a guest or inprivate then it should block passing integrated auth and you should be able to then login using the authentication popup.

What do you see in these scenarios when you hit the platform/api/Me end point?

I think you too and probably surmise by now that you have a network or policy related issue here. The fact that you get different behavior accessing the same server from different endpoints and methods is a good indication of that.

If you don't log into the portal first and go straight to platform/api/Me this will show you the blank slate you'd expect above because it's showing you it couldn't read an authentication token (/Me does not auth). If you first go to platform/api/MeAuthenticate it will force an authentication with the platform (should ask you to login), from there you can then go to platform/api/Me and you should see your claims/roles. Can you try that out?

On your domain machine the 400 error doesn't make a lot of sense unless you have something going on with a cached authentication token that is causing problems, or you don't allow integrated other in your Internet Settings (are you using a client machine or a server, I'd assume client). If you look at the request headers in the browser devtools network tab for the request, does it include the authentication information?

@seth_coussens - When I attempt to make a call to platform/api/Me while not logged into the portal, I do indeed get the empty result like you mentioned. When I navigate back to the home page (which does not prompt me for credentials) and attempt to hit platform/api/Me I get the same result back and am not prompted for credentials.

If I try to hit something like platform/api/ProviderRoleToApplicationRoleMap, then I get prompted for credentials and then am redirected to an HTTP 400 Bad Request page. This happens with the service account used for install, my admin account (which is a portal admin), and my standard user account.

@seth_coussens - The latest revision of the TCC resolved the issue only for Chrome. IE (which is our default browser) and Edge are still having the issue. I've tried multiple machines and mucked with settings (disabling compatibility mode, add to trusted sites, etc), however we have had no luck with the Remote Manage pane.

@seth_coussens - The latest revision of the TCC resolved the issue only for Chrome. IE (which is our default browser) and Edge are still having the issue. I've tried multiple machines and mucked with settings (disabling compatibility mode, add to trusted sites, etc), however we have had no luck with the Remote Manage pane.

@seth_coussens - The latest revision of the TCC resolved the issue only for Chrome. IE (which is our default browser) and Edge are still having the issue. I've tried multiple machines and mucked with settings (disabling compatibility mode, add to trusted sites, etc), however we have had no luck with the Remote Manage pane.

I've also upgraded to 3.0.2 but getting a different error now.

Remote manage does work from the server where its installed. But anywhere else it fails.

@Matt_Medley and @seth_coussens - I was able to install 3.0.4 and we are getting closer, but there are still a lot of issues around security prompts and configuration that I will need to address with you. Under some circumstances I'm able to open the panel, but it's inconsistent and unreliable. Additionally, the actions don't work as intended (i.e. C$ share and Remote Control don't connect to the selected device, etc).

Would it be possible to schedule a work session with you to perform some testing, analysis, and answer some configuration questions?

@Bryan_TaylorThe folder shares buttons actually had a URL change and the conversion of the URL before sending to the app launcher caused an issue. This will be fixed in 3.0.5 due out this week and the latest version of the app launcher is already out and has it's part of the fix it in (2.0.1)

Let me get this release out this week, let you get it checked out to see if it resolves your issues further and then we can get on a call to make sure we get anything left you are having issues with knocked out before the 3.1 release in April.

@Bryan_TaylorThe folder shares buttons actually had a URL change and the conversion of the URL before sending to the app launcher caused an issue. This will be fixed in 3.0.5 due out this week and the latest version of the app launcher is already out and has it's part of the fix it in (2.0.1)

Let me get this release out this week, let you get it checked out to see if it resolves your issues further and then we can get on a call to make sure we get anything left you are having issues with knocked out before the 3.1 release in April.

I'll update this in Bryans ticket as well as I've been trying to keep these up to date with each other.

CIRESON COMMUNITY WEB SITE

The Cireson Community Web Site is comprised of various web pages operated by Cireson, LLC (collectively, the web pages are referred to herein as the “Cireson Community Web Site”).

The Cireson Community Web Site is offered to you conditioned on your acceptance of the terms, conditions, and notices contained herein without modification or exception. Your use of the Cireson Community Web Site constitutes your agreement to all such terms, conditions, and notices contained in these Terms of Use.

MODIFICATION OF THESE TERMS OF USE

Cireson reserves the right to change the terms, conditions, and notices under which the Cireson Community Web Site is offered, including but not limited to the charges associated with the use of the Cireson Community Web Site upon written notice.

LINKS TO THIRD PARTY SITES

The Cireson Community Web Site may contain links to other Web Sites (“Linked Sites”). The Linked Sites are not under the control of Cireson and therefore Cireson is not responsible for the contents of any Linked Site, including, without limitation, any link contained in a Linked Site, or any changes or updates to a Linked Site. Cireson is not responsible for webcasting or any other form of transmission received from any Linked Site. Cireson is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement by Cireson of the site or any association with its operators.

NO UNLAWFUL OR PROHIBITED USE

As a condition of your use of the Cireson Community Web Site, you warrant to Cireson that you will not use the Cireson Community Web Site for any purpose that is prohibited by law, rule regulation or by any of these terms, conditions, and notices, including, without limitation the export of any Software or technical data to any country prohibited by law. You may not use the Cireson Community Web Site in any manner which could damage, disable, overburden, or impair the Cireson Community Web Site or interfere with any other party’s use and enjoyment of the Cireson Community Web Site. You may not obtain or attempt to obtain any materials or information through any means not intentionally made available or provided for through the Cireson Community Web Site.

USE OF COMMUNICATION SERVICES

The Cireson Community Web Site may contain bulletin board services, chat areas, news groups, forums, communities, personal web pages, calendars, and/or other message or communication facilities designed to enable you to communicate with the public at large or with a group (each a “Communication Service,” and collectively, “Communication Services”). You agree to use the Communication Services only to post, send and receive messages and material that are appropriate, proper and related to the particular Communication Service. By way of example, and not as a limitation, you agree that when using a Communication Service, you will not:

Defame, abuse, harass, stalk, threaten or otherwise violate the legal rights (such as rights of privacy and publicity) of others.

Upload files that contain software or other material protected by intellectual property laws (or by rights of privacy of publicity) unless you own or control the rights thereto or have received all necessary consents.

Upload files that contain viruses, corrupted files, or any other similar software or programs that may damage the operation of another’s computer.

Advertise or offer to sell or buy any goods or services for any business purpose, unless such Communication Service specifically allows such messages.

Download any file posted by another user of a Communication Service that you know, or reasonably should know, cannot be legally distributed in such manner.

Falsify or delete any author attributions, legal or other proper notices or proprietary designations or labels of the origin or source of software or other material contained in a file that is uploaded.

Restrict or inhibit any other user from using and enjoying the Communication Services.

Violate any code of conduct or other guidelines which may be applicable for any particular Communication Service.

Harvest or otherwise collect information about others, including e-mail addresses, without their consent.

Violate any applicable laws, rules or regulations.

Cireson has no obligation to monitor the Communication Services. However, Cireson reserves the right to review materials posted to a Communication Service and to remove any materials in its sole discretion. Cireson reserves the right to suspend or terminate your access to any or all of the Communication Services at any time without notice for any reason whatsoever.

Cireson reserves the right at all times to disclose any information as necessary to satisfy any applicable law, rule, regulation, legal process or governmental request, or to edit, refuse to post or to remove any information or materials, in whole or in part, in Cireson’s sole discretion.

Always use caution when giving out any personally identifying information about yourself or your children in any Communication Service. Always use caution when giving out any information concerning your employer or customers, if any. Cireson does not control or endorse the content, messages or information found in any Communication Service and, therefore, Cireson specifically disclaims any liability with regard to the Communication Services and any actions resulting from your participation in any Communication Service. Managers and hosts are not authorized Cireson spokespersons, and their views do not necessarily reflect those of Cireson.

Materials uploaded to a Communication Service may be subject to posted limitations on usage, reproduction and/or dissemination. You are responsible for adhering to such limitations if you download the materials.

MATERIALS PROVIDED TO CIRESON OR POSTED ON THE CIRESON COMMUNITY WEB SITE

Cireson does not claim ownership of the materials you provide to Cireson via the Cireson Community Web Site (including feedback and suggestions) or post, upload, input or submit to the Cireson Community Web Site or its associated services (collectively “Submissions”). However, by posting, uploading, inputting, providing or submitting your Submission you are granting Cireson, its affiliated companies and sublicensees permission to use your Submission in connection with the operation of their Internet businesses including, without limitation, the rights to: copy, distribute, transmit, publicly display, publicly perform, reproduce, edit, translate and reformat your Submission; and to publish your name in connection with your Submission.

No compensation will be paid with respect to the use of your Submission, as provided herein. Cireson is under no obligation to post or use any Submission you may provide and may remove any Submission at any time in Cireson’s sole discretion.

By posting, uploading, inputting, providing or submitting your Submission you warrant and represent that you own or otherwise control all of the rights to your Submission as described in this section including, without limitation, all the rights necessary for you to provide, post, upload, input or submit the Submissions.

LIABILITY DISCLAIMER

THE INFORMATION, SOFTWARE, PRODUCTS, AND SERVICES INCLUDED IN OR AVAILABLE THROUGH THE CIRESON COMMUNITY WEB SITE MAY INCLUDE INACCURACIES OR TYPOGRAPHICAL ERRORS. CHANGES ARE PERIODICALLY ADDED TO THE INFORMATION HEREIN. CIRESON (OR ITS SUPPLIERS) MAY MAKE IMPROVEMENTS AND/OR CHANGES IN THE CIRESON COMMUNITY WEB SITE AT ANY TIME. ADVICE RECEIVED VIA THE CIRESON COMMUNITY WEB SITE SHOULD NOT BE RELIED UPON FOR PERSONAL, MEDICAL, LEGAL OR FINANCIAL DECISIONS AND YOU SHOULD CONSULT AN APPROPRIATE PROFESSIONAL FOR SPECIFIC ADVICE TAILORED TO YOUR SITUATION.

NEITHER CIRESON NOR ANY OF ITS SUPPLIERS MAKE ANY REPRESENTATIONS ABOUT THE SUITABILITY, RELIABILITY, AVAILABILITY, TIMELINESS, AND ACCURACY OF THE INFORMATION, SOFTWARE, PRODUCTS, SERVICES AND RELATED GRAPHICS CONTAINED ON THE CIRESON COMMUNITY WEB SITE FOR ANY PURPOSE. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, ALL SUCH INFORMATION, SOFTWARE, PRODUCTS, SERVICES AND RELATED GRAPHICS ARE PROVIDED “AS IS” WITHOUT WARRANTY OR CONDITION OF ANY KIND. CIRESON AND/OR ITS SUPPLIERS HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS WITH REGARD TO THIS INFORMATION, SOFTWARE, PRODUCTS, SERVICES AND RELATED GRAPHICS, INCLUDING ALL IMPLIED WARRANTIES OR CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT.

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL CIRESON AND/OR ITS SUPPLIERS BE LIABLE FOR ANY DIRECT, INDIRECT, PUNITIVE, INCIDENTAL, SPECIAL, CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF USE, DATA OR PROFITS, ARISING OUT OF OR IN ANY WAY CONNECTED WITH THE USE OR PERFORMANCE OF THE CIRESON COMMUNITY WEB SITE, WITH THE DELAY OR INABILITY TO USE THE CIRESON COMMUNITY WEB SITE OR RELATED SERVICES, THE PROVISION OF OR FAILURE TO PROVIDE SERVICES, OR FOR ANY INFORMATION, SOFTWARE, PRODUCTS, SERVICES AND RELATED GRAPHICS OBTAINED THROUGH THE CIRESON COMMUNITY WEB SITE, OR OTHERWISE ARISING OUT OF THE USE OF THE CIRESON COMMUNITY WEB SITE, WHETHER BASED ON CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY OR OTHERWISE, EVEN IF CIRESON OR ANY OF ITS SUPPLIERS HAS BEEN ADVISED OF THE POSSIBILITY OF DAMAGES. BECAUSE SOME STATES/JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES, THE ABOVE LIMITATION MAY NOT APPLY TO YOU. IF YOU ARE DISSATISFIED WITH ANY PORTION OF CIRESON COMMUNITY WEB SITE, OR WITH ANY OF THESE TERMS OF USE, YOUR SOLE AND EXCLUSIVE REMEDY IS TO DISCONTINUE USING THE CIRESON COMMUNITY WEB SITE.

Cireson reserves the right, in its sole discretion, to terminate your access to the Cireson Community Web Site and the related services or any portion thereof at any time, without notice.

GENERAL

To the maximum extent permitted by law, this agreement is governed by the laws of the State of California, U.S.A. and you hereby consent to the exclusive jurisdiction and venue of courts in San Diego County, California, U.S.A. in all disputes arising out of or relating to the use of the Cireson Community Web Site. Use of the Cireson Community Web Site is unauthorized in any jurisdiction that does not give effect to all provisions of these terms and conditions, including without limitation this paragraph. You agree that no joint venture, partnership, employment, or agency relationship exists between you and Cireson as a result of this agreement or use of the Cireson Community Web Site. Cireson’s performance of this agreement is subject to existing laws and legal process, and nothing contained in this agreement is in derogation of Cireson’s right to comply with governmental, court and law enforcement requests or requirements relating to your use of the Cireson Community Web Site or information provided to or gathered by Cireson with respect to such use. If any part of this agreement is determined to be invalid or unenforceable pursuant to applicable law including, but not limited to, the warranty disclaimers and liability limitations set forth above, then the invalid or unenforceable provision will be deemed superseded by a valid, enforceable provision that most closely matches the intent of the original provision and the remainder of the agreement shall continue in effect. Unless otherwise specified herein, this agreement constitutes the entire agreement between the user and Cireson with respect to the Cireson Community Web Site and it supersedes all prior or contemporaneous communications and proposals, whether electronic, oral or written, between the user and Cireson with respect to the Cireson Community Web Site. A printed version of this agreement and of any notice given in electronic form shall be admissible in judicial or administrative proceedings based upon or relating to this agreement to the same extent and subject to the same conditions as other business documents and records originally generated and maintained in printed form. It is the express wish to the parties that this agreement and all related documents be drawn up in English.

COPYRIGHT AND TRADEMARK NOTICES:

All contents of the Cireson Community Web Site are: Copyright 2016 by Cireson, LLC and/or its suppliers. All rights reserved.

TRADEMARKS

The names of actual companies and products mentioned herein and on the Cireson Community Web Site may be the trademarks of their respective owners.

The example companies, organizations, products, people and events depicted herein are fictitious. No association with any real company, organization, product, person, or event is intended or should be inferred.

Any rights not expressly granted herein are reserved.

NOTICES AND PROCEDURE FOR MAKING CLAIMS OF COPYRIGHT INFRINGEMENT

Cireson respects the intellectual property of others and asks that users of the Cireson Community Web Site do the same. In connection with the Cireson Community Web Site, we have adopted and implemented a policy respecting copyright law that provides for the removal of any infringing materials and for the termination, in appropriate circumstances, of users of the Cireson Community Web Site who are repeat infringers of intellectual property rights, including copyrights. If you believe that one of the Cireson Community Web Site users is, through the use of the Cireson Community Web Site, unlawfully infringing the copyright(s) in a work, and wish to have the allegedly infringing material removed, the following information in the form of a written notification (pursuant to 17 U.S.C. § 512(c)) must be provided to our designated Copyright Agent:

your physical or electronic signature;

identification of the copyrighted work(s) that you claim to have been infringed;

identification of the material on our services that you claim is infringing and that you request us to remove;

sufficient information to permit us to locate such material;

your address, telephone number, and e-mail address;

a statement that you have a good faith belief that use of the objectionable material is not authorized by the copyright owner, its agent, or under the law; and

a statement that the information in the notification is accurate, and under penalty of perjury, that you are either the owner of the copyright that has allegedly been infringed or that you are authorized to act on behalf of the copyright owner.

Please note that, pursuant to 17 U.S.C. § 512(f), any misrepresentation of material fact (falsities) in a written notification automatically subjects the complaining party to liability for any damages, costs and attorney’s fees incurred by us in connection with the written notification and allegation of copyright infringement.